[PATCH] wireguard: Add option to disable Endpoint Host Dependency
Fabian Bläse
fabian at blaese.de
Sa Mai 25 20:19:19 CEST 2019
Hallo Adrian,
vielen Dank, das macht meinen wireguard Patch dann viel angenehmer zum Reviewen.
Reviewed-by: Fabian Bläse <fabian at blaese.de>
Gruß
Fabian
On 24.05.19 13:00, Adrian Schmutzler wrote:
> When using IPv6 addresses (or DNS which has AAAA record) as endpoint,
> add_host_dependency fails for some reason which causes the wireguard
> interface to disappear.
>
> This patch backports an option from OpenWrt master, where
> host_dependency can be disabled by adding 'option nohostroute 1'
> to the interface.
>
> This is an alternate approach based on the work of Fabian Bläse.
>
> Signed-off-by: Adrian Schmutzler <freifunk at adrianschmutzler.de>
> ---
> ...01-wireguard-introduce-nohostroute-option.patch | 47 ++++++++++++++++++++++
> 1 file changed, 47 insertions(+)
> create mode 100644 build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch
>
> diff --git a/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch
> new file mode 100644
> index 00000000..09d43ddc
> --- /dev/null
> +++ b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch
> @@ -0,0 +1,47 @@
> +From: Daniel Golle <daniel at makrotopia.org>
> +Date: Tue, 19 Mar 2019 16:47:17 +0100
> +Subject: wireguard: introduce 'nohostroute' option
> +
> +Use a new config option 'nohostroute' to explicitely prevent creation
> +of the route to the endpoint.
> +
> +Signed-off-by: Daniel Golle <daniel at makrotopia.org>
> +[squashed with commit 1e8bb50, shorten commit message]
> +Signed-off-by: Adrian Schmutzler <freifunk at adrianschmutzler.net>
> +
> +diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/services/wireguard/files/wireguard.sh
> +index 96fa7215ff..fb781070d6 100644
> +--- a/package/network/services/wireguard/files/wireguard.sh
> ++++ b/package/network/services/wireguard/files/wireguard.sh
> +@@ -114,6 +114,7 @@ proto_wireguard_setup() {
> + config_get mtu "${config}" "mtu"
> + config_get fwmark "${config}" "fwmark"
> + config_get ip6prefix "${config}" "ip6prefix"
> ++ config_get nohostroute "${config}" "nohostroute"
> +
> + # create interface
> + ip link del dev "${config}" 2>/dev/null
> +@@ -176,12 +177,14 @@ proto_wireguard_setup() {
> + done
> +
> + # endpoint dependency
> +- wg show "${config}" endpoints | \
> +- sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
> +- while IFS=$'\t ' read -r key address port; do
> +- [ -n "${port}" ] || continue
> +- proto_add_host_dependency "${config}" "${address}"
> +- done
> ++ if [ "${nohostroute}" != "1" ]; then
> ++ wg show "${config}" endpoints | \
> ++ sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
> ++ while IFS=$'\t ' read -r key address port; do
> ++ [ -n "${port}" ] || continue
> ++ proto_add_host_dependency "${config}" "${address}"
> ++ done
> ++ fi
> +
> + proto_send_update "${config}"
> + }
> +--
> +2.11.0
> +
>
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname : signature.asc
Dateityp : application/pgp-signature
Dateigröße : 833 bytes
Beschreibung: OpenPGP digital signature
URL : <https://{'listname': 'franken-dev-freifunk.net', 'hostname': 'lists.freifunk.net'}/pipermail/franken-dev-freifunk.net/attachments/20190525/49f07102/attachment.sig>
Mehr Informationen über die Mailingliste franken-dev